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TITLE 

[0001] Computer or Computer Resource Lock Control Device and Method of 
Implementing Same 

FIELD 

(0002) The present specification relates to the field of computer security. More 
particularly, the present invention relates to computers, computer terminals and 
resources that are accessed through a computer or computer terminal that are subject to 
security measures in which the computer, terminal or resource is automatically secured 
and locked after a measured period of inactivity requiring the user to demonstrate 
authorization to regain access to the computer, terminal or resource. 

BACKGROUND 

[0003] Fig. 1 illustrates an exemplary computer system. This system may be a 
stand-alone computer, a networked computer, or a computer terminal or workstation 
connected to a larger, main-frame computer. The term "computer 1 * will hereafter be 
used to refer generically to stand-alone computers, networked computers, or computer 
terminals or workstations connected to a larger, main-frame computer. 

[0004] As shown in Fig. 1, a basic computer system (100) typically comprises a 
monitor (101), user input devices, such as a mouse (104) and keyboard (103), and a 
central processing unit (102) or connection to a main-frame processor. 

[0005] Computers often have automated measures designed to protect the 
computer and the information and resources it contains. These measures typically 
operate by measuring the time that the computer has gone without being used, e,g., 
without typing on the keyboard (103) or movement of the mouse (104). 

[0006] For example, a monitor (101), particularly a cathode ray tube monitor, 
can be damaged if the same screen is displayed for a long period of time. The 
luminescent material in the screen can become depleted along the lines and shapes of 
images displayed for a long period of time. The result is that when the display is finally 
changed, a shadow of the former, long-held display still appears on the monitor. 
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[0007] To prevent this, tasks known commonly as screen savers are run in the 
background of most computing platforms. The screen saver task measures the time 
since the computer last received input from the user, e.g., typing on the keyboard (103) 
or movement of the mouse (104). If the time since the last input from the user exceeds a 
specified limit, the screen saver will take over the monitor (101) and display a "screen 
saver" which is typically an animated or dynamic display that prevents any static image 
from being displayed for a lengthy period of time. 

(0008) Typically, by accessing the screen saver's control interface, the user can 
specify the amount of time the computer can be inactive before the screen saver display 
is implemented. This is a significant convenience as some users will want the screen 
saver to appear quickly if the computer is unused, while other users will not want to be 
bothered by the screen saver each time they stop inputting for a few moments. 

[0009] Another automatic safety measure, similar to screen savers, protects 
sensitive or confidential information or resources that may be available on or through a 
computer. If a computer contains confidential information or access to sensitive or 
important resources, access to that computer is typically controlled by requiring any 
authorized user to demonstrate authorization to access the computer by logging on. This 
is usually done by requiring the user to enter a password or passwords to gain access to 
the computer and/or its resources. Any user who cannot provide the appropriate 
passwords will not gain access. 

[0010] Another layer of protection is provided by automatically logging the user 
out if the computer has been inactive for a specified period of time, much like a screen 
saver. If an authorized user has logging into a secured computer, but not entered any 
input for a period of time, the concern is that the user has left or been called away 
without securing the computer. Consequently, if an unauthorized person can get to the 
computer at this time, when the computer is logged in, the unauthorized person will 
have full access to the confidential information or resources of the computer. This 
unwanted possibility is diminished by having the secured computer log out if the 
computer goes unused for a specified period of time. 

[0011] In this context, logging out involves locking up access to the computer 
and its information and resources such that an authorized user will again have to log in, 
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typically by providing one or more passwords, in order to regain access to the computer, 
its information and available resources. If the computer automatically locks up after a 
specified period of not receiving user input, the resources and information on that 
computer will likely be secured, even if an authorized user leaves or is called away from 
the computer while it is in a logged in or unlocked state. 

{0012] While this automatic, timed lock out is very useful to protect confidential 
information and resources available on the computer, it is also of some inconvenience to 
authorized users. The authorized user may not appreciate having to log back in to the 
computer each time he or she has to leave the computer for a few minutes. Logging 
back in obviously takes at least a few moments to accomplish and can become an 
annoyance if the process has to be repeated. 

[0013) Consequently, authorized users, who may be, for example, mere 
employees who do not have a particular stake in securing the information or resources 
available on a computer, will frequently seek to defeat the automatic time-out feature on 
their computer. For example, they may be able to deactivate the time-out feature so that 
the computer does not lock up even if left unused indefinitely. Alternatively, they may 
be able to set the time-out period for such a long length of time that it becomes almost 
meaningless as a way to restrict access to the computer, its information and resources. 

[0014] Consequently, there is a need in the art for a means and method of 
securing a computer that contains confidential information or provides access to 
restricted resources, while at the same allowing authorized users to easily access, lock 
and unlock, the computer without a laborious process of entering one or more passwords 
to gain access each time. 

SUMMARY 

[0015] The present specification describes a system for controlling use of a piece 
of office equipment or a particular resource available through that piece of equipment. 
In one example, a system may include a piece of office equipment; and a lock control 
device connected to that piece of office equipment. The lock control device is activated 
by presentation of an identifier of an authorized user. The lock control device controls 
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user operation of the office equipment by enabling operation of the office equipment or 
a resource available through that office equipment to the authorized user. 

[001 6J The office equipment so secured maybe, for example, a computer or 
computer terminal. The lock control device may be, for example, a proximity card 
sensor or a magnetic card reader. Preferably, the lock control device is connected to the 
computer or computer terminal via a daisy chain connector that also connects one or 
more user input devices to the computer or computer terminal. 

[0017] In other embodiments, the lock control device controls may be used to 
control access to a particular application residing on the computer or accessible through 
the computer terminal. The lock control device may also control access to other 
resources available on or through the computer or computer terminal such as a network 
or network server. 

[0018] Preferably, the secured computer or computer terminal has a timer for 
timing periods during which the computer or computer terminal receives no user input. 
The computer or computer terminal enters a locked state upon elapse of a pre- 
determined period during which no user input is received. An authorized user may 
unlock the computer or computer terminal by operating the lock control device. 

[0019] The principles described herein are not limited to the system summarized 
above, but also encompasses variations of this system as well the methods of making 
and operating the system. For example, a method for controlling use of a piece of office 
equipment or a particular resource available through that piece of equipment may be 
performed by enabling operation of the piece of office equipment or a reso urce available 
through that office equipment to an authorized user upon presentation of an identifier of 
the authorized user to a lock control device connected to the piece of office equipment. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0020] The accompanying drawings illustrate examples of the principles 
described herein and are a part of the specification. Together with the following 
description, the drawings help to demonstrate and explain examples of the present 
invention. 

[0021] Fig. 1 is an illustration of an exemplary conventional computer system. 
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[0022) Fig. 2 is an illustration of a computer system in which a proximity card 
system is used to unlock the computer system. 

[0023] Fig. 3 is an illustration of a computer system in which a magnetic strip 
card system is used to unlock the computer system. 

[0024] Fig, 4 is a flowchart illustrating an exemplary method of implementing 
the principles described herein. 

[0025] Fig. 5 is an illustration of connecting a computer lock control device to a 
computer. 

[0026] Figs. 6a and 6b illustrate lock control devices applied to control access to 
equipment other than a computer. 

[0027J Fig. 7 illustrates the principles described herein applied to controlling 
access to resources avai lable on and through a computer. 

[0028] Throughout the drawings, identical elements are designated by identical 
reference numbers. 

DETAILED DESCRIPTION 

[0029] The present specification provides a lock control device for a computer or 
other piece of eqxnprrient to control accesses to that equipment. The lock control device 
provides input to the computer or other piece of equipment to identify an authorized user 
in lieu of, for example, entry of one or more passwords using a keyboard. The lock 
control device is preferably activated using, for example, a proximity card or a magnetic 
strip card. In this way, access to the equipment secured by the lock control device can 
be quickly activated, even if that equipment has timed out and locked up. 
' [0030] Using the drawings, examples will now be explained. 

[0031 ] Fig. 2 illustrates a computer system which a proximity card system is 
used to operate a lock control device and unlock the computer system. As above, the 
term "computer," as used herein, means, without limitation, stand-alone computers, 
networked computers, or computer terminals or workstations connected to a larger, 
main-frame computer. As shown in Fig. 2 P an exemplary computer system (100) may 
comprise a monitor (101), user input devices, such as a mouse (104) and keyboard 
(103), and a central processing unit (1 02) or connection to a main-frame processor. 

5 

PAGE 33/40 ' RCVD AT 8/28/20D5 1:27:52 PM [Eastern Daylight Time] * SVR:USPTO-EFXRF-6/25 * DNIS:2738300 * CSID:8015727666 * DURATION (mm-ss):1 1-22 


09/28/2005 11:27 8015727666 


RFG UTAH 


PAGE 34/40 


10010811-1 


[0032] The computer system (100) illustrated in Fig. 2 contains confidential 
information or access to restricted resources such that it is desired to control access to 
the system (100). Consequently, basic security measures are preferably used, such as 
requiring an authorized user to input one or more passwords to the computer system 
(100) using the keyboard (103). Additionally, once an authorized user is logged into the 
system, i,e. ? the computer system (100) is unlocked, a timer will run which measures the 
amount of time elapsed since the system (100) last received user input via, for example, 
the keyboard (103) and mouse (104). If a predetermined length of time passes without 
any user input while the system (100) is in an unlocked state, the system (100) will 
automatically log out the current user and assume a locked state such that an authorized 
user will again have to log in using, for example, one or more passwords entered 
through the keyboard ( 1 03). 

[0033] However, the system (100) of Fig. 2 also includes a lock control device 
according to the principles described herein. In the example of Fig. 2, the lock control 
device is a proximity sensor (120) that is connected to the computer system (100). The 
proximity sensor (120) will detect the presence of a card (121) or other object which is 
encoded for detection by the sensor (120) when that card or object is brought into 
proximity with the sensor (120). Additionally, the proximity sensor (120) will be able to 
read an identifier encoded in the card (121) or other object so as to discriminate between 
cards. 

[0034] Proximity sensors (120) and corresponding proximity cards (121) are 
frequently used by employers to control employee access to, for example, a building, a 
room, a parking garage, etc. Consequently, employees may already be carrying a 
proximity card which can be used to facilitate implementation of the described system, 

[0035] A user can identify himself or herself to the computer system (100) by 
presenting his or her proximity card (121) or other object to the proximity sensor (120). 
As noted above t the proximity sensor (120) can distinguish between different proximity 
cards held by different users and can thus discriminate between different users. If a user, 
identified by his or her proximity card (121) being presented to the sensor (120), has 
authorization to use the computer system (100), the system (100) can automatically log 
the user in and assume an unlocked state. 
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[0036 J If the system (100) thereafter times out and assumes a locked state, the 
user can regain access and unlock the system (100) by simply presenting his or her 
proximity card (121) to the proximity sensor (120). In this way, the user is not bothered 
by having to re-enter his or her passwords each time the computer system (1 00) times 
out and locks up. 

[0037J As an added security precaution, the user may still be required to log in 
initially using one or more passwords. Then, for a period of, for example 8 hours, the 
user can reactivate access to the computer system (100) when the system times out by 
simply presenting an authorized proximity card (121) to the proximity sensor (120). 
Again, the user is not bothered by having to re-enter his or her passwords each time the 
computer system (100) times out and Jocks up. 

[0038] Fig. 3 illustrates a computer system in which a magnetic strip card system 
is used to operate a lock control device and unlock the computer system. As shown in 
Fig. 3 7 an exemplary computer system (100) may comprise a monitor (101), user input 
devices, such as a mouse (104) and keyboard (103), and a central processing unit (102) 
or connection to a main-frame processor, 

[0039] As before, the computer system (100) illustrated in Fig- 3 contains 
confidential information or access to restricted resources such that it is desired to control 
access to the system (100). Consequently, basic security measures are preferably used, 
such as requiring an authorized user to input one or more passwords to the computer 
system (1 00) using the keyboard (1 03). Additionally, once an authorized user is logged 
into the system, i.e., the computer system (1 00) is unlocked, a timer will run which 
measures the amount of time elapsed since the system (100) last received user input via, 
for example, the keyboard (103) and mouse (104). If a predetermined length of time 
passes without any user input while the system (100) is in an unlocked state, the system 
(1 00) will automatically log out the current user and assume a locked state such that an 
authorized user will again have to log in using, for example, one or more passwords 
entered through the keyboard (103). 

[0040] However, the system (100) of Fig. 3 also includes a lock control device 
according to the principles described herein. In the example of Fig. 3, the lock control 
device is a magnetic card reader (130) that is connected to the computer system (100). 
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The magnetic card reader (130) will read data encoded in a magnetic strip on a card 
(131) when the card (131) is swiped through the reader (130) causing the magnetic strip 
to pass by a magnetic field detector in the card reader (130). During this process, the 
card reader (130) will be able to read an identifier encoded in the magnetic strip on the 
card (131) so as to discriminate between cards. 

[0041] Magnetic card readers (130) ate frequently used to read credit card 
numbers from credit cards, but are also less commonly used by employers to control 
employee access to, for example, a building, a floor, a room, a parking garage, etc. 
Consequently, employees may already be carrying a magnetic strip access card (131) 
which can be used to facilitate implementation of the described system. 

[0042] In fact, a credit card, gas card or any other magnetic strip card that the 
employee carries and which is unique can be used as the magnetic strip access card for 
the system described herein. For example, an authorized user could log into a computer 
system using a traditional password. The user the edits the access information to add 
quick access with a magnetic strip card. The user is then prompted to swipe any 
magnetic strip card (e.g., a credit card) through the reader (130). The identification data 
on that card is then associated with the user's authorization to access the computer or 
terminal which will unlock or log in when that card is again presented to the reader 
(130). 

[0043] A user can identify himself or herself to the computer system (1 00) by 
swiping his or her magnetic strip card (131) through the card reader (130). As noted 
above, the card reader (130) can distinguish between different magnetic strip cards held 
by different users and can thus discriminate between different users. If a user, identified 
by his or her magnetic strip card (13 1 ) as read by the reader (1 30), has authorization to 
use the computer system (100), the system (1 00) can automatically log the user in and 
assume an unlocked state. 

[0044] If the system (100) thereafter times out and assumes a locked state, the 
user can regain access and unlock the system (100) by simply swiping his or her 
magnetic strip card (131) through the magnetic card reader (1 30). In this way, the user 
is not bothered by having to re-enter his or her passwords each time the computer system 
(1 00) times out and locks up. 
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[0045] As an added security precaution, the user may still be required to log in 
initially using one or more passwords. Then, for a period of, for example 8 hours, the 
user can reactivate access to the computer system (100) when the system times out by 
simply swiping an authorized magnetic strip card (131) through the card reader (130). 
Again, the user is not bothered by having to re-enter his or her passwords each time the 
computer system (100) times out and locks up, 

[0046] Fig. 4 is a flowchart illustrating one method of implementing the 
principles described herein. As shown in Fig. 4, the secured computer system constantly 
monitors the time since the last user input was received, Le., the period the system has 
been unused (180), When the elapsed time since the system received input exceeds a 
specified amount, i.e., a time out period, the computer system logs out and assumes a 
locked state (181). 

[0047] If a user then correctly enters one or more passwords to identify himself 
or herself as an authorized user of the system (1 82), the computer system logs in (184), 
In other words, the computer assumes an unlocked state in which the user can access the 
information and resources available on or through that computer. 

(0048] If no such password is entered, or was entered previously followed by the 
computer timing out and locking up, the user may operate a lock control device (183) to 
gain access to the computer system. The lock control device may be, for example, a 
proximity sensor or a magnetic card reader consistent with the exemplary embodiments 
described above. If the lock control device is activated (1 83), e.g., an authorized card is 
used in the lock control device, the computer system logs in (184), i.e., the computer 
assumes an unlocked state in which the user can access the information and resources 
available on or through that computer. 

[0049] Fig. 5 is an illustration of one example of connecting a computet lock 
control device to a computer according principles described herein. The lock control 
device may be, for example, a proximity card sensor or a magnetic card reader as 
discussed in the examples above. However, the invention is not so limited as will be 
explained below. 

[0050] As shown in Fig. 5, the lock control device (e.g., 120 or 130) is 
connected to the computer (102) to provide input to the computer to authorize a user 
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who is presenting an appropriate identification card or otherwise activating the lock 
control device. In the preferred embodiment illustrated in Fig. 5, the lock control device 
is preferably connected to the computer (102) by a daisy chain (140) in common with 
the keyboard (103). Consequently, input from the lock control device (e-g k , 120 or 130) 
enters the computer (102) through the same channel as would input, i.e., a password, 
typed on the keyboard (103). Consequently, it becomes very easy to use input from the 
lock control device to unlock the computer (102) in lieu of a password or similar input 
from the keyboard (1 03). 

[0051{ Along this line, the lock control device is not limited under the principles 
of described herein to a proximity card sensor or a magnetic card reader. Rather, the 
lock control device can be any device that can authenticate an authorized user and 
provide input in lieu of a typed password to the computer. Preferably, the lock control 
device can be activated more rapidly than typing a password to avoid the burden on the 
user of needing to repeatedly log back in to the computer. For example, the lock control 
device could be a fingerprint scanner, a retinal scanner, a voice pattern recognition 
system or the like. 

[0052] Consequently, the authorized user must present an identifier to the lock 
control device to access the office equipment, e.g., a computer, or resources available 
through that equipment. The identifier may be, as described above, a physical identifier 
carried by the authorized user such as a proximity card or a magnetic strip card. 
However, the identifier may also be a biological characteristic of the authorized user 
such as a fingerprint, retinal pattern or voice pattern. Any identifier of an authorized 
user that can be quickly tested and evaluated can be used. 

[0053] Figs. 6a and 6b illustrate examples of the principles described herein 
applied to control access to equipment other than a computer. As shown in Figs. 6a and 
6b, the principles can be applied to any piece of equipment for which access by users is 
to be limited and controlled. 

[0054J Fig. 6a illustrates a lock control device (e.g., 120 or 130) connected to a 
telephone (150), Consequently, use of a particular telephone (150) could be limited to 
those with a card or other means of activating the lock control device (e.g., 120 or 130). 
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[0055] Similarly, Fig. 6b illustrates a lock control device (e.g., 120 or 130) 
connected to a printer (160). Consequently, user of the printer (160) can be limited to 
those with a card or other means of activating the lock control device (e.g., 120 or 130). 

[0056] There is no limit to the type or amount of office equipment that can be 
secured with a lock control device (e.g. t 120 or 130). Examples of office equipment 
include, but are not limited to, computers, computer teairrinals, facsimile machines, copy 
machines, digital senders, scanners, telephones, personal digital assistants, multi- 
function peripherals, computer networks, servers, etc. 

[0057] Fig. 7 illustrates another application of the principles described herein. 
As will be explained in more detail below, in addition to using the lock control device 
(e.g., 120 or 130) to control user access to equipment and hardware, the lock control 
device (e.g., 120 or 130) can also be applied to controlling user access to resources 
available on and through a computer. 

[0058] It is not uncommon for a computer user, even after having logged on to 
the computer, to access resources through the computer that require additional 
verification of authorization. These resources may include particular drives or databases 
on a network, a particular web site, a particular application that can be run on or from 
the computer, etc. , 

[0059] As would be expected, access to these additional resources is often 
granted upon the entry of a password to the computer- Consequently, the described 
system can be applied in a manner similar to that described above to facilitate user 
access to these on-line resources. 

[0060] Fig. 7 illustrates such a system. As shown in Fig. 7, a computer system 
(100) can be used to access any number of on-line resources. These resources may 
include, for example, a network server (170), a particular web site (171), an application 
(172) that can be run on or through the computer (100), a network peripheral such as a 
printer (173), or a CD ROM library (174). 

[0061] As shown in Fig. 7, a lock control device (e.g., 120 or 130) is connected 
to the computer (1 00). When the user desires to access any one of the restricted on-line 
resources (170-174), the user can demonstrate authorization to use that resource by 
activating the lock control device (e.g., 120 or 130) rather than having to enter a 
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password. Similarly, if the user is using any of the on-line resources (1 70-174) and is 
timed out of that resource, i.e., the resources enters a locked state, the user can regain 
access to the resource by activating the lock control device (e.g.> 120 or 130). 

(0062] The preceding description has been presented only to illustrate and 
describe examples of the invention. It is not intended to be exhaustive or to limit the 
invention to any precise form disclosed. Many modifications and variations are possible 
in light of the above teaching. 

[0063] The preceding description is intended to enable others skilled in the art to 
best utilize the invention in various embodiments and with various modifications as are 
suited to the particular use contemplated. It is intended that the scope of the invention 
be defined by the following claims. 
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